zeus
/
SwarmLab-HowTos
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
390 Commits
1 Branch
0 Tags
124 MiB
 
 
Tree: a3e665d85a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a3e665d85a'
${ noResults }
SwarmLab-HowTos/swarmlab/docs/build/site/swarmlab_sec-intro/docs/index.html

639 lines
25 KiB
Raw Blame History

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<title>Network Scanning! :: Swarmlab faq</title>
<link rel="canonical" href="http://docs.swarmlab.io/SwarmLab-HowTos/swarmlab/docs/swarmlab_sec-intro/docs/index.html">
<meta name="generator" content="Antora 2.3.4">
<link rel="stylesheet" href="../../_/css/site.css">
<link rel="stylesheet" href="../../_/css/search.css">
<script>var uiRootPath = '../../_'</script>
</head>
<body class="article">
<header class="header">
<nav class="navbar">
<div class="navbar-brand">
<a class="navbar-item" href="http://docs.swarmlab.io/SwarmLab-HowTos/swarmlab/docs">Swarmlab faq</a>
<button class="navbar-burger" data-target="topbar-nav">
<span></span>
<span></span>
<span></span>
</button>
</div>
<div id="topbar-nav" class="navbar-menu">
<div class="navbar-end">
<a class="navbar-item" href="#">Home</a>
<div class="navbar-item has-dropdown is-hoverable">
<a class="navbar-link" href="#">Products</a>
<div class="navbar-dropdown">
<a class="navbar-item" target ="hybridgit" href="https://git.swarmlab.io:3000/zeus/swarmlab-hybrid">Hybrid</a>
<a class="navbar-item" target ="venusgit" href="https://git.swarmlab.io:3000/swarmlab/venus-client">Venus</a>
</div>
</div>
<div class="navbar-item has-dropdown is-hoverable">
<a class="navbar-link" href="#">Services</a>
<div class="navbar-dropdown">
<a class="navbar-item" target ="hybrid" href="https://api-client.swarmlab.io:8088/">Hybrid</a>
<a class="navbar-item" target ="venus" href="https://api-client.swarmlab.io:8088/">Venus</a>
</div>
</div>
<div class="navbar-item">
<input id="search-input" type="text" placeholder="Search docs">
</div>
</div>
</div>
</nav>
</header>
<div class="body">
<div class="nav-container" data-component="swarmlab_sec-intro" data-version="docs">
<aside class="nav">
<div class="panels">
<div class="nav-panel-menu is-active" data-panel="menu">
<nav class="nav-menu">
<h3 class="title"><a href="index.html">swarmlab_sec-intro</a></h3>
<ul class="nav-list">
<li class="nav-item" data-depth="0">
<ul class="nav-list">
<li class="nav-item is-current-page" data-depth="1">
<a class="nav-link" href="index.html">Network Scanning</a>
</li>
<li class="nav-item" data-depth="1">
<a class="nav-link" href="index-analysis.html">Network analysis</a>
</li>
<li class="nav-item" data-depth="1">
<a class="nav-link" href="exer.html">Exercises</a>
</li>
</ul>
</li>
</ul>
</nav>
</div>
<div class="nav-panel-explore" data-panel="explore">
<div class="context">
<span class="title">swarmlab_sec-intro</span>
<span class="version">docs</span>
</div>
<ul class="components">
<li class="component">
<a class="title" href="../../CloudComputing_Lab/docs/index.html">CloudComputing_Lab</a>
<ul class="versions">
<li class="version is-latest">
<a href="../../CloudComputing_Lab/docs/index.html">docs</a>
</li>
</ul>
</li>
<li class="component">
<a class="title" href="../../swarmlab_faq/docs/index.html">swarmlab_faq</a>
<ul class="versions">
<li class="version is-latest">
<a href="../../swarmlab_faq/docs/index.html">docs</a>
</li>
</ul>
</li>
<li class="component">
<a class="title" href="../../swarmlab_how-to-build-a-Swarmlab-service/docs/index.html">swarmlab_how-to-build-a-Swarmlab-service</a>
<ul class="versions">
<li class="version is-latest">
<a href="../../swarmlab_how-to-build-a-Swarmlab-service/docs/index.html">docs</a>
</li>
</ul>
</li>
<li class="component">
<a class="title" href="../../swarmlab_infrastructure-as-code/docs/index.html">swarmlab_infrastructure-as-code</a>
<ul class="versions">
<li class="version is-latest">
<a href="../../swarmlab_infrastructure-as-code/docs/index.html">docs</a>
</li>
</ul>
</li>
<li class="component">
<a class="title" href="../../swarmlab_iot-sensor-node/docs/index.html">swarmlab_iot-sensor-node</a>
<ul class="versions">
<li class="version is-latest">
<a href="../../swarmlab_iot-sensor-node/docs/index.html">docs</a>
</li>
</ul>
</li>
<li class="component">
<a class="title" href="../../swarmlab_network-adhoc/docs/index.html">swarmlab_network-adhoc</a>
<ul class="versions">
<li class="version is-latest">
<a href="../../swarmlab_network-adhoc/docs/index.html">docs</a>
</li>
</ul>
</li>
<li class="component">
<a class="title" href="../../swarmlab_poc-datacollector/docs/index.html">swarmlab_poc-datacollector</a>
<ul class="versions">
<li class="version is-latest">
<a href="../../swarmlab_poc-datacollector/docs/index.html">docs</a>
</li>
</ul>
</li>
<li class="component">
<a class="title" href="../../swarmlab_raspi-docker/docs/index.html">swarmlab_raspi-docker</a>
<ul class="versions">
<li class="version is-latest">
<a href="../../swarmlab_raspi-docker/docs/index.html">docs</a>
</li>
</ul>
</li>
<li class="component is-current">
<a class="title" href="index.html">swarmlab_sec-intro</a>
<ul class="versions">
<li class="version is-current is-latest">
<a href="index.html">docs</a>
</li>
</ul>
</li>
<li class="component">
<a class="title" href="../../swarmlab_sec-iptables/docs/index.html">swarmlab_sec-iptables</a>
<ul class="versions">
<li class="version is-latest">
<a href="../../swarmlab_sec-iptables/docs/index.html">docs</a>
</li>
</ul>
</li>
<li class="component">
<a class="title" href="../../swarmlab_sec-ssh-tunneling/docs/index.html">swarmlab_sec-ssh-tunneling</a>
<ul class="versions">
<li class="version is-latest">
<a href="../../swarmlab_sec-ssh-tunneling/docs/index.html">docs</a>
</li>
</ul>
</li>
<li class="component">
<a class="title" href="../../swarmlab_sidecar-firefox/docs/index.html">swarmlab_sidecar-firefox</a>
<ul class="versions">
<li class="version is-latest">
<a href="../../swarmlab_sidecar-firefox/docs/index.html">docs</a>
</li>
</ul>
</li>
<li class="component">
<a class="title" href="../../swarmlab_tech-list/docs/index.html">swarmlab_tech-list</a>
<ul class="versions">
<li class="version is-latest">
<a href="../../swarmlab_tech-list/docs/index.html">docs</a>
</li>
</ul>
</li>
<li class="component">
<a class="title" href="../../swarmlab_xelatex-thesis/docs/index.html">swarmlab_xelatex-thesis</a>
<ul class="versions">
<li class="version is-latest">
<a href="../../swarmlab_xelatex-thesis/docs/index.html">docs</a>
</li>
</ul>
</li>
</ul>
</div>
</div>
</aside>
</div>
<main class="article">
<div class="toolbar" role="navigation">
<button class="nav-toggle"></button>
<a href="../../swarmlab_faq/docs/index.html" class="home-link"></a>
<nav class="breadcrumbs" aria-label="breadcrumbs">
<ul>
<li><a href="index.html">swarmlab_sec-intro</a></li>
<li><a href="index.html">Network Scanning</a></li>
</ul>
</nav>
</div>
<div class="content">
<aside class="toc sidebar" data-title="Contents" data-levels="2">
<div class="toc-menu"></div>
</aside>
<article class="doc">
<h1 class="page">Network Scanning!</h1>
<div id="preamble">
<div class="sectionbody">
<div class="imageblock right">
<div class="content">
<img src="_images/swarmlab.png" alt="swarmlab" width="150">
</div>
</div>
<div class="paragraph">
<p>This tutorial demonstrates some common nmap port scanning scenarios and explains the output.</p>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_find_ip"><a class="anchor" href="#_find_ip"></a>Find IP</h2>
<div class="sectionbody">
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash"># ifconfig ή ip a
eth0: flags=4163&lt;UP,BROADCAST,RUNNING,MULTICAST&gt; mtu 1500
inet 172.21.0.2 netmask 255.255.0.0 broadcast 172.21.255.255
ether 02:42:ac:15:00:02 txqueuelen 0 (Ethernet)
RX packets 61 bytes 9309 (9.3 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73&lt;UP,LOOPBACK,RUNNING&gt; mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 248 bytes 14260 (14.2 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 248 bytes 14260 (14.2 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0</code></pre>
</div>
</div>
<div class="admonitionblock tip">
<table>
<tr>
<td class="icon">
<i class="fa icon-tip" title="Tip"></i>
</td>
<td class="content">
inet <strong><strong>172.21.0.2</strong></strong> netmask 255.255.0.0 broadcast 172.21.255.255
</td>
</tr>
</table>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_find_live_hosts"><a class="anchor" href="#_find_live_hosts"></a>Find live hosts</h2>
<div class="sectionbody">
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">nmap -sP 172.21.0.*
Nmap scan report for 172.21.0.1 (172.21.0.1)
Host is up (0.00028s latency).
MAC Address: 02:42:56:48:D0:61 (Unknown)
Nmap scan report for testnetwork2_worker_1.testnetwork2_net (172.21.0.3)
Host is up (0.00015s latency).
MAC Address: 02:42:AC:15:00:03 (Unknown)
Nmap scan report for testnetwork2_worker_3.testnetwork2_net (172.21.0.4)
Host is up (0.00018s latency).
MAC Address: 02:42:AC:15:00:04 (Unknown)
Nmap scan report for testnetwork2_worker_4.testnetwork2_net (172.21.0.5)
Host is up (0.00015s latency).
MAC Address: 02:42:AC:15:00:05 (Unknown)
Nmap scan report for testnetwork2_worker_2.testnetwork2_net (172.21.0.6)
Host is up (0.00017s latency).
MAC Address: 02:42:AC:15:00:06 (Unknown)
Nmap scan report for 9110d42e466b (172.21.0.2)
nmap -sP 172.21.0.* | grep Nmap | cut -d' ' -f5-6
172.21.0.1 (172.21.0.1)
testnetwork2_worker_1.testnetwork2_net (172.21.0.3)
testnetwork2_worker_3.testnetwork2_net (172.21.0.4)
testnetwork2_worker_4.testnetwork2_net (172.21.0.5)
testnetwork2_worker_2.testnetwork2_net (172.21.0.6)
9110d42e466b (172.21.0.2)</code></pre>
</div>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
<div class="title">What is Nmap?</div>
<div class="paragraph">
<p>Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to identify what devices are running on their systems, discovering hosts that are available and the services they offer, finding open ports and detecting security risks.</p>
</div>
<div class="paragraph">
<p>See <a href="https://en.wikipedia.org/wiki/Nmap" target="_blank" rel="noopener">Nmap-wikipedia</a></p>
</div>
</td>
</tr>
</table>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_scan_ports"><a class="anchor" href="#_scan_ports"></a>Scan Ports</h2>
<div class="sectionbody">
<div class="sect2">
<h3 id="_scan_a_single_port_all_ports_or_series"><a class="anchor" href="#_scan_a_single_port_all_ports_or_series"></a>Scan a Single Port, All Ports, or Series</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">Nmap commands can be used to scan a single port or a series of ports:</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_scan_port_80_on_the_target_system"><a class="anchor" href="#_scan_port_80_on_the_target_system"></a>Scan port 80 on the target system:</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">nmap –p 80 172.21.0.3</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_scan_ports_1_through_200_on_the_target_system"><a class="anchor" href="#_scan_ports_1_through_200_on_the_target_system"></a>Scan ports 1 through 200 on the target system:</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">nmap –p 1-200 172.21.0.3</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_scan_fast_the_most_common_ports"><a class="anchor" href="#_scan_fast_the_most_common_ports"></a>Scan (Fast) the most common ports:</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">nmap –F 172.21.0.3</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_to_scan_all_ports_1_65535"><a class="anchor" href="#_to_scan_all_ports_1_65535"></a>To scan all ports (1 – 65535):</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">nmap –p– 172.21.0.3</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_scan_all_tcp_udp_ports"><a class="anchor" href="#_scan_all_tcp_udp_ports"></a>Scan All TCP UDP Ports</h3>
<div class="paragraph">
<p>Scan all UDP and TCP ports in a single command. We will use -sU for UDP and sT for TCP protocol.</p>
</div>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">nmap -sU -sT -p0-65535 IP</code></pre>
</div>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
<div class="title">What Are Ports?</div>
<div class="paragraph">
<p>On modern operating systems, ports are numbered addresses for network traffic. Different kinds of services use different ports by default.</p>
</div>
<div class="paragraph">
<p>For example, normal web traffic uses Port 80, while POP3 email uses Port 110. One of the ways that a firewall works is by allowing or restricting traffic over a particular port.</p>
</div>
<div class="paragraph">
<p>Because the ports into your computer can cause a security risk, it’s critical to know which ports are open and which are blocked.</p>
</div>
</td>
</tr>
</table>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_netstat"><a class="anchor" href="#_netstat"></a>netstat</h2>
<div class="sectionbody">
<div class="sect2">
<h3 id="_listing_almost_all"><a class="anchor" href="#_listing_almost_all"></a>Listing (Almost all)</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">netstat -antlupe</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_listing_tcp_ports_connections"><a class="anchor" href="#_listing_tcp_ports_connections"></a>Listing TCP Ports connections</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">netstat -at</code></pre>
</div>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
<div class="title">Netstat</div>
<div class="paragraph">
<p>Netstat command displays various network related information such as network connections, routing tables, interface statistics, masquerade connections, multicast memberships etc.,</p>
</div>
</td>
</tr>
</table>
</div>
</div>
<div class="sect2">
<h3 id="_listing_udp_ports_connections"><a class="anchor" href="#_listing_udp_ports_connections"></a>Listing UDP Ports connections</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">netstat -au</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_listing_all_listening_connections"><a class="anchor" href="#_listing_all_listening_connections"></a>Listing all LISTENING Connections</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">netstat -l</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_listing_all_tcp_listening_ports"><a class="anchor" href="#_listing_all_tcp_listening_ports"></a>Listing all TCP Listening Ports</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">netstat -lt</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_listing_all_udp_listening_ports"><a class="anchor" href="#_listing_all_udp_listening_ports"></a>Listing all UDP Listening Ports</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">netstat -lu</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_listing_all_unix_listening_ports"><a class="anchor" href="#_listing_all_unix_listening_ports"></a>Listing all UNIX Listening Ports</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">netstat -lx</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_showing_statistics_by_protocol"><a class="anchor" href="#_showing_statistics_by_protocol"></a>Showing Statistics by Protocol</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">netstat -s</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_showing_statistics_by_tcp_protocol"><a class="anchor" href="#_showing_statistics_by_tcp_protocol"></a>Showing Statistics by TCP Protocol</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">netstat -st</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_showing_statistics_by_udp_protocol"><a class="anchor" href="#_showing_statistics_by_udp_protocol"></a>Showing Statistics by UDP Protocol</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">netstat -su</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_displaying_service_name_with_pid"><a class="anchor" href="#_displaying_service_name_with_pid"></a>Displaying Service name with PID</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">netstat -tp</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_displaying_promiscuous_mode"><a class="anchor" href="#_displaying_promiscuous_mode"></a>Displaying Promiscuous Mode</h3>
<div class="paragraph">
<p>Displaying Promiscuous mode with -ac switch, netstat print the selected information or refresh screen every five second. Default screen refresh in every second.<br></p>
</div>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash"> netstat -ac 5 | grep tcp</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_setting_promiscuous_mode"><a class="anchor" href="#_setting_promiscuous_mode"></a>Setting Promiscuous Mode</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash"> ifconfig eth0 promisc
OR
ip link set eth0 promisc on</code></pre>
</div>
</div>
</div>
<div class="sect2">
<h3 id="_remove_promiscuous_mode"><a class="anchor" href="#_remove_promiscuous_mode"></a>Remove Promiscuous Mode</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash"> ifconfig eth0 –promisc</code></pre>
</div>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
<div class="title">Promiscuous Mode</div>
<div class="paragraph">
<p>Promiscuous mode is a mode for a wired network interface controller (NIC) or wireless network interface controller (WNIC) that causes the controller to pass all traffic it receives to the central processing unit (CPU) rather than passing only the frames that the controller is specifically programmed to receive.</p>
</div>
<div class="paragraph">
<p>When a capable NIC is placed in Promiscuous Mode, it allows the NIC to intercept and read each arriving network packet in its entirety.</p>
</div>
<div class="paragraph">
<p>If the NIC is not in Promiscuous Mode, it will only receive packets that are specifically addressed to the NIC. Promiscuous Mode must be supported by the NIC and by the operating system and any associated driver. Not all NICs support Promiscuous Mode, however it is pretty easy to determine if you have a NIC and OS capable of Promiscuous Mode.</p>
</div>
</td>
</tr>
</table>
</div>
</div>
<div class="sect2">
<h3 id="_check_if_promiscuous_mode_is_enabled_on_network_interface"><a class="anchor" href="#_check_if_promiscuous_mode_is_enabled_on_network_interface"></a>check if promiscuous mode is enabled on network interface</h3>
<div class="listingblock">
<div class="content">
<pre class="highlightjs highlight"><code class="language-bash hljs" data-lang="bash">netstat -i
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 8352 0 0 0 12677 0 0 0 BMRU
lo 65536 14656 0 0 0 14656 0 0 0 LRU
ifconfig eth0 promisc
netstat -i
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 8352 0 0 0 12677 0 0 0 BMPRU
lo 65536 14696 0 0 0 14696 0 0 0 LRU
ifconfig eth0 -promisc
netstat -i
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 8353 0 0 0 12677 0 0 0 BMRU
lo 65536 15232 0 0 0 15232 0 0 0 LRU</code></pre>
</div>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
<div class="title">Promiscuous Mode</div>
<div class="paragraph">
<p>Look under the last column “Flg” for value “P”. If it’s there, it means promiscuous mode is enabled for that network interface<br>
B flag is for broadcast<br>
M flag is for multicast<br>
P flag is for promisc mode<br>
R is for running<br>
U is for up<br></p>
</div>
</td>
</tr>
</table>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_how_to_use_nmap"><a class="anchor" href="#_how_to_use_nmap"></a>Appendix A: How to use Nmap</h2>
<div class="sectionbody">
<div class="paragraph">
<p>While the basis of Nmap&#8217;s functionality is port scanning, it allows for a variety of related capabilities including:</p>
</div>
<div class="ulist">
<ul>
<li>
<p>Network mapping: Nmap can identify the devices on a network (also called host discovery), including servers, routers and switches, and how they&#8217;re physically connected.</p>
</li>
<li>
<p>OS detection: Nmap can detect the operating systems running on network devices (also called OS fingerprinting), providing the vendor name, the underlying operating system, the version of the software and even an estimate of devices' uptime.</p>
</li>
<li>
<p>Service discovery: Nmap can not only identify hosts on the network, but whether they&#8217;re acting as mail, web or name servers, and the particular applications and versions of the related software they&#8217;re running.</p>
</li>
<li>
<p>Security auditing: Figuring out what versions of operating systems and applications are running on network hosts lets network managers determine their vulnerability to specific flaws. If a network admin receives an alert about a vulnerability in a particular version of an application, for example, she can scan her network to identify whether that software version is running on the network and take steps to patch or update the relevant hosts. Scripts can also automate tasks such as detecting specific vulnerabilities.</p>
</li>
</ul>
</div>
</div>
</div>
</article>
</div>
</main>
</div>
<footer class="footer">
<p>This page was built using the Antora <a href="https://gitlab.com/antora/antora-ui-default" target="antora">default UI</a> </p>
</footer>
<script src="../../_/js/site.js"></script>
<script src="../../_/js/vendor/lunr.js"></script>
<script src="../../_/js/vendor/search.js" id="search-script" data-base-path="../.." data-page-path="/swarmlab_sec-intro/docs/index.html"></script>
<script async src="../../_/../search-index.js"></script>
<script async src="../../_/js/vendor/highlight.js"></script>
</body>
</html>